I have a group of Linux web apps with VNet Integration enabled on a subnet called web-tier and an Azure server with private link configured on another subnet called data-tier.
I have also added NSG rules to the data-tier subnet NSG to allow inbound traffic from web-tier on ports TCP 1433, UDP 1434, and TCP 11000-11999.
The SQL Server has "Redirect" connection policy with public network access disabled. I have restarted the web apps after creating the private endpoint, but the web apps are still unable to connect to SQL Server.
Can anyone please advise what I may be missing here?
Thanks
2 Answers
Following this documentation, I opened up ports 1433-65535 for TCP for the outbound traffic from Web-tier and the inbound traffic for data-tier. This helped me fix my problem.
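The difference between the rule set in the question and the one in the answer above can be checked offline with a small NSG evaluator. This is an added example, not part of either post: the rule model is simplified (priority, protocol and destination port only, no source filter), and the deny-all rule, the priorities and the sample ports are assumptions, since the question does not list its full NSG.

```python
# Simplified NSG model (added example): the lowest priority number is
# evaluated first and the first matching rule decides. All rules are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    priority: int
    protocol: str   # "Tcp", "Udp" or "*"
    ports: tuple    # inclusive (low, high) destination port range
    allow: bool

def decide(rules, protocol, port):
    """Return True if the first matching rule (by priority) allows the flow."""
    for r in sorted(rules, key=lambda r: r.priority):
        if r.protocol in ("*", protocol) and r.ports[0] <= port <= r.ports[1]:
            return r.allow
    return False  # nothing matched: treat as denied in this model

def flow_allowed(web_outbound, data_inbound, protocol, port):
    """A web-tier -> data-tier flow has to pass both subnet NSGs."""
    return decide(web_outbound, protocol, port) and decide(data_inbound, protocol, port)

def blocked_ports(web_outbound, data_inbound, candidates):
    """TCP ports from `candidates` that the two rule sets would drop."""
    return [p for p in candidates
            if not flow_allowed(web_outbound, data_inbound, "Tcp", p)]

DENY_ALL = Rule(4096, "*", (0, 65535), False)   # assumed custom hardening rule
OPEN_OUT = [Rule(100, "*", (0, 65535), True)]   # assumed unrestricted outbound

# data-tier inbound rules as described in the question
QUESTION_INBOUND = [
    Rule(100, "Tcp", (1433, 1433), True),
    Rule(110, "Udp", (1434, 1434), True),
    Rule(120, "Tcp", (11000, 11999), True),
    DENY_ALL,
]
# rule described in the first answer, applied to web-tier outbound
# and to data-tier inbound
ANSWER_RULES = [Rule(100, "Tcp", (1433, 65535), True), DENY_ALL]

# constructed sample: ports inside the range the first answer opened
SAMPLE_PORTS = [1433, 11500, 20000, 65535]

if __name__ == "__main__":
    print("question rules block:",
          blocked_ports(OPEN_OUT, QUESTION_INBOUND, SAMPLE_PORTS))
    print("answer rules block:  ",
          blocked_ports(ANSWER_RULES, ANSWER_RULES, SAMPLE_PORTS))
```

Swapping in the rules exported from the real NSGs shows which direction drops a given port before any change is made in Azure.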
You’re over-complicating things. Instead of a Private Endpoint, simply use a VNet Service Endpoint. That’s just a firewall rule that allows connections to your database from your private VNet. It’s cheaper too.